pytdc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly loads and ingests public third‑party datasets and services (e.g., MolGen(name='ChEMBL_V29'), DTI(name='BindingDB_Kd'), cid2smiles/uniprot2seq calls and USPTO/BindingDB/ChEMBL references) in SKILL.md and scripts (scripts/load_and_split_data.py, scripts/molecular_generation.py), and those external dataset/ID lookups are read and used to drive model training, splitting, oracle evaluation and generation decisions—so external content can materially influence agent behavior.